Details
FileName | |
---|---|
Malware Family | CyberGate |
Date Added | 2015-11-07 20:05:01 |
MD5 | 8990c80f680e78faa38b207424f7959f |
Sha256 | 498fc9983e6dd7a76820993b09549b5d204faffe254616ed1af40692548e2c9c |
Config Data
FTPPassword | |
---|---|
CampaignID | Lammer |
Password | 123 |
USBSpread | 1000 |
FTPDirectory | ./ |
FTPAddress | |
InstallDir | System32 |
Persistance | TRUE |
InstallMessageTitle | Wilker seu cotoco ! |
KeyloggerBackspace | TRUE |
HideFile | TRUE |
Mutex | Pluguin |
Domain | vinicronic.dnsget.org, |
FTPPort | |
REGKeyHKCU | Avirnt |
MessageBoxIcon | 16 |
Port | 2014, |
CyberGateVersion | |
StartupPolicies | Policies |
REGKeyHKLM | Avgnt |
FTPUserName | |
ChangeCreationDate | TRUE |
MeltFile | FALSE |
InstallFileName | System32.exe |
KeyloggerEnableFTP | FALSE |
FTPInterval | 30 |
InstallMessageBox | PERDEU PC WILKER ... SEU SISTEMA SERA FORMATADO. |
InstallFlag | TRUE |
ActiveXStartup | {8RIRU75G-7B14-5746-07EY-1UKE1EB30LUF} |
EnableMessageBox | TRUE |
ActivateKeylogger | TRUE |
MessageBoxButton | 0 |
Virustotal
48 out of 54 AV Engines identified the sample as Malicious.